Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Google, Apple Pull Trojan-Like 'Find and Call' Mobile App From Stores

A mobile app with Trojan-like features that sends user contact lists to a remote server has been yanked from Google and Apple's digital stores.

Google and Apple have pulled an app from their mobile app stores after it was revealed it was sending user contact lists to a remote server and spamming the contacts with messages.

The app, named "Find and Call," claimed to be an app that helps users organize their address book. However, the app actually takes the users contact list and uploads it to a remote server.

An analysis of the iOS and Android versions of the application by security software company Kaspersky Lab showed its really a Trojan that replicates by the server sending Short Message Service (SMS) texts containing the applications URL to all the contacts in the users address book, according to Denis Maslennikov, senior malware analyst with Kaspersky Lab.

When the app launches, the user will be asked to register by entering his or her email address and cell phone number, Maslennikov explained. If the user chooses to find friends in a phone book, then the persons phone book data will be secretly sent to the remote server.

Further reading

Both apps are also able to upload the users GPS coordinates to the same server but such [a] feature is not that new for both malicious and legal apps to be honest, he blogged. So, what happens next? [Users] will be able to continue using the application, but at the same time the application steals data from the device ¦ which are uploaded to a remote server to be used for SMS spam campaigns. Each phone book entry will receive an SMS spam message offering to click on the URL and download this Find and Call application. It is worth mentioning that the from field contains the users cell phone number. In other words, people will receive an SMS spam message from a trusted source.

According to a report from the blog Appleinsider.ru, the makers of the application say the situation is due to a bug that is being fixed.

Vanja Svajcer, principal virus researcher at Sophos, wrote that he wouldnt necessarily call the application malware, opting instead to refer to it as spammy.

It would probably be more accurate to say that the "Find and Call" app is "spammy"as it leaks data all over the place in plain text via http (which means, of course, that the data could be intercepted and sniffed by someone wanting to snoop on you), he blogged.

Once the contact details are uploaded from the affected smartphone, there is some server-side code that sends each contact an SMS message with a link to the download location of the app. In this way, the app promotes itself to all of your contacts. That's pretty ugly behavior, as there are no previous warnings or explanations for the user.